#!/bin/bash

# Capture some network traffic on remote host (via ssh) and live analize it in GUI

: ${1?"You should provide at least 1 argument: `basename $0` target-ssh-host [<remote capture parameters and filters>]"}

HOST="$1"
shift

# Use dumpcap instead of tshark to support old format: http://ask.wireshark.org/questions/28600/unrecognized-libpcap-format ( http://wiki.wireshark.org/CaptureSetup/Pipes )
/usr/bin/ssh $HOST "sudo dumpcap -P -iany -w- -f \"$@\"" | wireshark -k -i-
